The field of the present invention relates generally to the encryption and decryption of data conducted over a distributed computer network. In particular, the field of the invention relates to a software architecture for conducting a plurality of cryptographic sessions managed over a distributed computing environment.
An N session distributed architecture is described which solves the problems encountered with providing a secure network. The present software solution boosts performance to previously unattainably high levels and provides a practical security solution capable of servicing N simultaneous cryptographic session using a distributed computing environment without additional encryption decryption hardware at wire-speed levels. An aspect of the invention provides a solution, which overcomes the network bandwidth latency barriers to secure encryption. Another aspect of the invention provides a scalability solution to the problem of processor saturation due to encryption decryption loads.
There is a growing need to provide for secure commerce on computer networks, which does not require costly non-scalable computational resources. Corporations now have critical needs for ensuring the security of data that traverses their networks. Information Systems (IS) managers have attempted to cope with those needs by installing and managing expensive hardware to provide protection of data. In the case where data must be transferred between sites, IS managers can dictate their security needs to the telephone companies who manage the transfer of data between multiple sites. However, there are several problems limiting the transfer of data networking. Such concerns are as follows:
Network Availability (also known as uptime);
Network bandwidth (the amount of data that the overall network can handle over a particular time slice);
Quality of Service: ensuring that pre-determined service levels, such as bandwidth congestion allowances and network latency, are consistently met for all hosts connected to the network;
Security: ensuring that sensitive data are protected as it traverses the network and those unauthorized parties do not compromise that data or the network itself.
Monitoring/Auditing (the capability to verify that the above needs are being met and the ability to instantly detect and react to any deviation from preset expectations).
When considering a new technology that will impact a network, an IS manager must address the foregoing issues. After these requirements are met, factors of cost and scalability must be considered. IS managers are constantly looking for ways to meet the above requirements while reducing the cost of supporting their network. Managing the cost of expanding a network to address increased bandwidth requirements of users is a major problem for IS managers today.
Point-to-Point Encryption
Point-to-point link level encryption has a disadvantage in that it is not scaleable. For example, there is a dramatic and non-linear cost difference in installing and maintaining a 128 k Frame Relay link versus a 1.544M Frame Relay link. The cost problem is not limited to bandwidth, but rather is also greatly affected by the addition of new groups of hosts as additional connection points. Related equipment also must be installed and maintained. Point-to-point encryption also has cost disadvantages. Point-to-point link level encryption is usually all or none meaning that all data both public and private are encrypted over this link. This additional overhead is acceptable in some cases but undesirable in others.
Since link level encryption requires static routes to be created it does not integrate easily into the Internet paradigm, which requires packets to be dynamically routed from point to point. A network layer (or higher) encryption solution is required in order to fit easily into the framework of routable IP packets. Currently there exists a transport level security mechanism for application programs using SSLv3 (secure sockets layer). SSL was developed in 1995 when a universally recognized security mechanism at the IP layer did not exist. This has been the most commonly used protocol for providing secure applications.
The three protocol capabilities of SSL include authentication, encryption and key exchange. In IPSec these are provided as separate protocols (AH, ESP and IKE).
In SSL most of the communications protocol data is passed in plaintext, only the application header and actual data sent to the application is cryptographically protected. The encryption and integrity protection for the data and not the communications as in IPSec, which protects both, are handled by the record protocol. The negotiation of new crypto algorithms and keys is handled by the handshake protocol. Finally, any errors that have occurred are handled by the alert protocol. SSL maintains its security state based on the session associated with a particular set of host addresses and ports.
SSL sessions are established in four steps. In Step 1 the sender sends a hello message to the receiver containing random data. In Step 2 the receiver sends the sender his/her public key embedded in a signed certificate. In step 3 the sender encrypts a shared secret key and a change cipher spec switch (to determine the proper cipher to use) with the receiver""s public key and sends it to the receiver. In step 4 the receiver sends a reply using the shared secret key (after decrypting the info in step 3 with his private key) and a xe2x80x9cfinishedxe2x80x9d message. Both sides now can begin communications. Using the record protocol, all data that passes between the two parties are encrypted and hashed and the recipient checks this hash upon decryption to make sure that the data have not been modified in transit.
The newest version of SSL (3.0) supports RSA key exchange, Diffie-Hellman anonymous or signed (the most common implementation is SKIP) and Fortezza using SKIPJACK. TLS (Transport Level Security) and PCT (Private Communication Technology) by Microsoft are both variations on SSL that are vying for standards approval by the IETF. A major disadvantage of all versions of SSL is that SSL is ineffective against many of the newer communications level (below transport level) attacks, which are technically called SYN Flooding, Buffer Overruns and Traffic Analysis.
IPSec
IPSec is a conventional protocol for securing IP traffic as it traverses the Internet, an Extranet or any IP based local, metropolitan or wide area network. IPSec can be incorporated with Ipv4 to provide security for host to host, host to subnet and subnet to subnet communications, which are not available with SSL.
The objective for securing large corporate networks is to allow the proper insiders or outsiders to access corporate data transparently while keeping unintended parties from accessing the same data or denying service to those who should be accessing the data. In the past, Firewalls have been used as a means for filtering incoming and outgoing traffic. Firewalls have been combined with access servers to authenticate parties before they are allowed access to any resource inside or outside the firewall.
Firewalls have evolved to include new protocols that allow them to safely transfer data between themselves and another party over the Internet. This function is known as creating a virtual private network (a private network over the public Internet).
The IPSec protocol uses two underlying protocols to send data securely. IPSec adds two additional packet headers to a packet to handle each of the two protocols. The headers both contain a numerical value known as the SPI (security parameters index) to identify the crypto keys and procedures to use with it. The first header, AH (authentication header), provides integrity checking and keying information to keep attackers from computing alternate checksums that check correctly. The second header, ESP, encrypts the contents of the remainder of the packet.
IPSec supports a number of algorithms for authentication and encryption. Examples are KeyedMD5 and SHA-1 (for AH), DES, Triple DES, and RC4 (for ESP). In addition to this, IPSec automatically handles the creation of security associations between hosts through key management.
Manual keys can be used which allow hosts to be configured manually with the proper shared secret keys. More common is the use of Simple Key Interchange Protocol (SKIP) which negotiates and exchanges session keys between IPSec hosts. ISKAMP (Internet Security Association and Key Management Protocol) is a general purpose protocol intended to manage security associations and manage key exchanges using Oakley or IKE. Tunneling is also used. In tunnel mode the final destination IP header is encrypted and a gateway IP header is added to allow router to route the packet to the gateway server. In transport mode the IP header is not encrypted.
IPSec is meant to protect traffic between hosts. However, with the wide range of applications currently in use (email, browsers, file transfer, remote terminal access, multimedia, database and so on) it becomes cumbersome to implement.
IPSec provides an advantage over SSL because it can protect against the newer protocol attacks such as SYN flooding and buffer overruns. In the SYN flooding attack mentioned above IPSec would block illegitimate SYN messages because they require a valid AH with a valid cryptographic checksum. Attackers cannot generate numerous requests from random hosts because they cannot generate a valid AH for every such host. In the buffer overrun attack, the destination host will discard any IP packets which are not properly formatted for IPSec. That is, packets must come from a valid host and be properly formatted for TCP before TCP processes them, thereby protecting the host from this type of attack.
Although SSL and IPSec can be combined to gain added protection and flexibility, these systems fail to address the problems of increased cost of implementation and scalability. Another major problem not addressed by SSL and IPSec is managing the cost of expanding a network to address increased bandwidth requirements of users.
The introduction of constantly changing standards and encryption/decryption schemes has greatly increased the burden on computer resources to provide secure communication. The computational demands are currently being addressed with the addition of special encryption/decryption ASICs (Application Specific Integrated Circuits) or hardware. However, as hosts are called, a doubling of hardware must be added to meet demands from both source and sink ends.
A conventional attempt to address the above deficiencies includes the use of hardware to handle encryption and decryption of data traffic. However, this is expensive and slow in that it increases the computational burden on the CPU when encrypting and decrypting data. The hardware approach also has a disadvantage in that it is not scaleable.
Alternative software architectures have been tried and discarded. The conventional software point to point client server model cannot scale adequately. Increased demand for secure sessions can lead to system failure as processing resources become unavailable on either side. Employing a central server model has been tried and found inadequate. The central gateway server in a distributed system environment becomes saturated with increased demand for decryption services. Tests were done to compare the performance of a conventional centralized server architecture model, as in FIG. 1, against an invention architecture topology in FIG. 2. These configuration performance tests and results are discussed infra
Conventional distributed architecture is unable to manage the increase in secure session demand due to instability arising from uneven processor computational loads, propagation delays and computer or network latency, all of which cause loss in synchronicity with collective processors. For these reasons current solutions are inadequate to overcome the barriers mentioned above.
Therefore, what is needed is a new method for encryption/decryption which is infinitely scaleable in the number of simultaneous sessions capable of being processed by a server.
What is also needed is an encryption/decryption system which is infinitely scaleable in terms of bandwidth between clients and servers.
What is also needed is an easily implemented software solution which provides end-to-end encryption/decryption in a distributed network while increasing processing power which eliminating latency as bandwidth increases.
In accordance with the foregoing and other objectives, an aspect of the invention provides a distributed software solution for encryption/decryption which is infinitely scaleable in the number of simultaneous sessions capable of being processed by a server and in terms of bandwidth between clients and servers. Another aspect of the invention provides end-to-end encryption in a distributed network and combines the processing power of all computers connected to the system to enable bandwidth to be infinitely scaleable and to reduce latency substantially to zero.
Another aspect of the invention provides a software architecture for encryption/decryption by partitioning the client traffic into units which can be processed across a distributed network of hosts without introducing network instabilities. A further aspect of the invention increases packets per second throughput and overcomes latency. Another aspect of the invention implements a mathematical method ensuring a stable partitioning and processing of encrypted traffic to meet the increase in secure session demand.
In accordance with another aspect of the invention, the software architecture has three primary components: Manager, Client and Agent. The manager software resides on a gateway server and manages all aspects of controlling the system. Client, server, and agents are created on the manager. The manager controls client access levels. Certificate information is imported and stored by the manager or optionally generated by the manager. The manager does performance monitoring. The manger performs auditing. Network address translation is handled by the manager for tunneled traffic from the client
The client software resides on the desktop of internal hosts, the desktop/laptop of remote users and the desktops of remote offices. The Client software provides a simple GUI interface for clients to configure dial-up information and use either a dial-up connection or a network connection to the local VPN server.
The agent software handles the negotiation of security keys, security associations and establishes the IPSec link between itself and the server. Agent software can run as a stand alone process or exist as part of the client software. The agent software is responsible for encrypting and decrypting communication traffic as it arrives from the clients via the server. All of the agents operate as distributed system to share the load of the encryption and decryption over all of the agent CPUs.